CVE-2020-5938

{"id": "CVE-2020-5938", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N", "authentication": "SINGLE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 2.8}]}, "published": "2020-10-29T14:15:12.743", "references": [{"url": "https://support.f5.com/csp/article/K76610106", "tags": ["Vendor Advisory"], "source": "f5sirt@f5.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-326"}]}], "descriptions": [{"lang": "en", "value": "On BIG-IP 13.1.0-13.1.3.4, 12.1.0-12.1.5.2, and 11.6.1-11.6.5.2, when negotiating IPSec tunnels with configured, authenticated peers, the peer may negotiate a different key length than the BIG-IP configuration would otherwise allow."}, {"lang": "es", "value": "En BIG-IP versiones 13.1.0-13.1.3.4, 12.1.0-12.1.5.2 y 11.6.1-11.6.5.2, cuando se negocian t\u00faneles IPSec con peers autenticados configurados, el peer puede negociar una longitud de clave diferente a la que permitir\u00eda la configuraci\u00f3n BIG-IP"}], "lastModified": "2020-11-09T03:14:09.897", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1F82C168-C3F0-4E5A-9465-4C9BE57FE888", "versionEndIncluding": "11.6.5.2", "versionStartIncluding": "11.6.1"}, {"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3C0D3868-7BA0-482C-ADE9-4B4087C07B69", "versionEndIncluding": "12.1.5.2", "versionStartIncluding": "12.1.0"}, {"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CF3BAF12-9795-4C5A-81A5-EFCEB46630C3", "versionEndIncluding": "13.1.3.4", "versionStartIncluding": "13.1.0"}, {"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "26EA444C-FA23-40A7-98C7-404DC8E5611F", "versionEndIncluding": "11.6.5.2", "versionStartIncluding": "11.6.1"}, {"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "08D80A54-B719-4AD4-8861-1D98D26B9736", "versionEndIncluding": "12.1.5.2", "versionStartIncluding": "12.1.0"}, {"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "18AA373F-C5FE-42A4-AF3C-26F51F124A34", "versionEndIncluding": "13.1.3.4", "versionStartIncluding": "13.1.0"}, {"criteria": "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D6AF221D-F7EC-40C9-BC9C-4F7C054C1600", "versionEndIncluding": "11.6.5.2", "versionStartIncluding": "11.6.1"}, {"criteria": "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "33BC59FD-6410-4F4D-B6A7-5DA3249A87EE", "versionEndIncluding": "12.1.5.2", "versionStartIncluding": "12.1.0"}, {"criteria": "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1E9213C5-1D33-4718-AEEF-F3D174809054", "versionEndIncluding": "13.1.3.4", "versionStartIncluding": "13.1.0"}, {"criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8088D322-514B-49C3-9041-7FCD6902A0E6", "versionEndIncluding": "11.6.5.2", "versionStartIncluding": "11.6.1"}, {"criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B11E0D81-E40D-43EB-8315-F11FD78A2485", "versionEndIncluding": "12.1.5.2", "versionStartIncluding": "12.1.0"}, {"criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "87EDF992-832C-4A4D-8766-F3D7135E74CF", "versionEndIncluding": "13.1.3.4", "versionStartIncluding": "13.1.0"}, {"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "74330249-E08A-4DAB-AB9F-13BE634D74DA", "versionEndIncluding": "11.6.5.2", "versionStartIncluding": "11.6.1"}, {"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3F258902-6395-40F3-9D53-F2582ED17EEF", "versionEndIncluding": "12.1.5.2", "versionStartIncluding": "12.1.0"}, {"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C86000FB-C74C-48E2-A4DE-8326805D5A1E", "versionEndIncluding": "13.1.3.4", "versionStartIncluding": "13.1.0"}, {"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C9A86305-2292-40FB-A984-9B15F7A079F0", "versionEndIncluding": "11.6.5.2", "versionStartIncluding": "11.6.1"}, {"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8FE5AD25-A186-4813-9114-6795629E906E", "versionEndIncluding": "12.1.5.2", "versionStartIncluding": "12.1.0"}, {"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "33F9B68F-5888-4099-BBC6-DD88343AC508", "versionEndIncluding": "13.1.3.4", "versionStartIncluding": "13.1.0"}, {"criteria": "cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AAC89B6B-885D-4E3B-B477-497B70301255", "versionEndIncluding": "11.6.5.2", "versionStartIncluding": "11.6.1"}, {"criteria": "cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EB9F95F4-B631-4607-A459-7166E8A3F88B", "versionEndIncluding": "12.1.5.2", "versionStartIncluding": "12.1.0"}, {"criteria": "cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CFAF23BC-987A-40FB-ABB5-2EB7E473314B", "versionEndIncluding": "13.1.3.4", "versionStartIncluding": "13.1.0"}, {"criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5415B126-600B-4200-AA87-AFB434BFAE9F", "versionEndIncluding": "11.6.5.2", "versionStartIncluding": "11.6.1"}, {"criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "06DB5080-4612-45CB-9B8D-3BD97A7EC6AF", "versionEndIncluding": "12.1.5.2", "versionStartIncluding": "12.1.0"}, {"criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "85FAFA26-3B92-4CAE-8DD6-0A26B49794A8", "versionEndIncluding": "13.1.3.4", "versionStartIncluding": "13.1.0"}, {"criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "46F2C7CC-928E-418F-9033-AF84835EF588", "versionEndIncluding": "11.6.5.2", "versionStartIncluding": "11.6.1"}, {"criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F9DD232C-0ECA-4E8C-8419-50C6D0C6D3E1", "versionEndIncluding": "12.1.5.2", "versionStartIncluding": "12.1.0"}, {"criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A6B0B7F5-5F35-4D0B-84D9-F0C198632E41", "versionEndIncluding": "13.1.3.4", "versionStartIncluding": "13.1.0"}, {"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B7A79CD5-DF43-4D88-928B-0145CAD4069D", "versionEndIncluding": "11.6.5.2", "versionStartIncluding": "11.6.1"}, {"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1E204494-3006-43E1-A468-9B4633295D55", "versionEndIncluding": "12.1.5.2", "versionStartIncluding": "12.1.0"}, {"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8E6EB084-C77A-4375-BB96-F961E7DBCAA2", "versionEndIncluding": "13.1.3.4", "versionStartIncluding": "13.1.0"}, {"criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "714EE4A8-ACA0-40A5-B183-34D08591A82B", "versionEndIncluding": "11.6.5.2", "versionStartIncluding": "11.6.1"}, {"criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "92BFAFD4-B4A2-4F64-B928-714170074AEA", "versionEndIncluding": "12.1.5.2", "versionStartIncluding": "12.1.0"}, {"criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "37FEF755-ED1A-4F9C-B19F-3D136A07E1DA", "versionEndIncluding": "13.1.3.4", "versionStartIncluding": "13.1.0"}, {"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "ACC3FDE8-EFD4-4D92-89BD-40A0F6304965", "versionEndIncluding": "11.6.5.2", "versionStartIncluding": "11.6.1"}, {"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C90CCF95-1AA4-4FD5-AFC0-60A5BF1BF582", "versionEndIncluding": "12.1.5.2", "versionStartIncluding": "12.1.0"}, {"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A88C898D-79BE-430A-994F-61BE8E4D1E2F", "versionEndIncluding": "13.1.3.4", "versionStartIncluding": "13.1.0"}, {"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "583BE9A4-928A-4347-994B-2E7F2B2AAD30", "versionEndIncluding": "11.6.5.2", "versionStartIncluding": "11.6.1"}, {"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C2323F3C-3572-4B02-8C7B-E1A3FCD259D2", "versionEndIncluding": "12.1.5.2", "versionStartIncluding": "12.1.0"}, {"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "41E9F7D6-21EC-4893-A93C-E0E4661DC2FF", "versionEndIncluding": "13.1.3.4", "versionStartIncluding": "13.1.0"}, {"criteria": "cpe:2.3:a:f5:ssl_orchestrator:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C0371A93-D67F-4CE9-82D7-42CF4B2CBCB6", "versionEndIncluding": "11.6.5.2", "versionStartIncluding": "11.6.1"}, {"criteria": "cpe:2.3:a:f5:ssl_orchestrator:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E32D6142-3CCE-4F23-B606-9954E3B56D32", "versionEndIncluding": "12.1.5.2", "versionStartIncluding": "12.1.0"}, {"criteria": "cpe:2.3:a:f5:ssl_orchestrator:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CA48ECD9-B3BF-4A69-9521-1A664C70A974", "versionEndIncluding": "13.1.3.4", "versionStartIncluding": "13.1.0"}], "operator": "OR"}]}], "sourceIdentifier": "f5sirt@f5.com"}